Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
594d968d by Salvatore Bonaccorso at 2026-07-07T21:31:39+02:00
Track fixed version for dcmtk issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3216,7 +3216,7 @@ CVE-2026-54500 (Oj (Optimized JSON) is a JSON parser and 
Object marshaller packa
        - ruby-oj 3.17.3-1
        NOTE: 
https://github.com/ohler55/oj/security/advisories/GHSA-fm7p-mprw-wjm9
 CVE-2026-52868 (An unauthenticated attacker can read worklist records from a 
directory ...)
-       - dcmtk <unfixed> (bug #1141411)
+       - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=e3878daf870cd2db50eadfde38615f0afae8a584
 CVE-2026-52198 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
        NOT-FOR-US: UTT
@@ -3229,17 +3229,17 @@ CVE-2026-52195 (Buffer Overflow vulnerability in UTT 
nv518G nv518GV3v3.2.7-21091
 CVE-2026-52193 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
        NOT-FOR-US: UTT
 CVE-2026-50254 (An unauthenticated remote attacker can repeatedly send a 
single crafte ...)
-       - dcmtk <unfixed> (bug #1141411)
+       - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=23f181f7a3cb8334056f751a3a0c2ddf01046752
 CVE-2026-50110 (Storage Concentrator (SC & SCVM) contains hardcoded 
credentials for nu ...)
        NOT-FOR-US: Storage Concentrator
 CVE-2026-50040 (Storage Concentrator (SC & SCVM) is vulnerable to reflected 
cross-site ...)
        NOT-FOR-US: Storage Concentrator
 CVE-2026-50003 (A malicious or compromised server can make a DCMTK client 
using bit-pr ...)
-       - dcmtk <unfixed> (bug #1141411)
+       - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=eca9a03dda7d4fc1faa7e5a6dac9617938cf5803
 CVE-2026-44628 (An unauthenticated attacker can crash the worklist server with 
a singl ...)
-       - dcmtk <unfixed> (bug #1141411)
+       - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=f4e0074682645b1a4289d62581926c4394d5c6d5
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=694a0a06a38015ce768fa161a62b148189f84959
 CVE-2026-44042 (UltraVNC repeater through 1.8.2.2 contains an off-by-one error 
in the  ...)
@@ -3254,7 +3254,7 @@ CVE-2026-37106 (An issue in DokuWiki 2025-05-14b 
"Librarian" 56.2 allows a remot
        NOTE: Bogus CVE assignment for DokuWiki
        NOTE: https://github.com/dokuwiki/dokuwiki/issues/4682
 CVE-2026-35505 (An unauthenticated remote attacker can repeatedly send crafted 
connect ...)
-       - dcmtk <unfixed> (bug #1141411)
+       - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=2312891a8d058c862e00bcbd636e5da26308658a
 CVE-2026-2387 (The Event Organiser plugin for WordPress is vulnerable to 
Stored Cross ...)
        NOT-FOR-US: WordPress plugin



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/594d968d71e68d62b7d42b79eb60f461a7113922

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/594d968d71e68d62b7d42b79eb60f461a7113922
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to